Have a question?

How can I use DKIM for authenticating my emails?

I want to authenticate my emails to secure that only I can send mails from our domain and thus protect my sender reputation.

What does it do?

DomainKeys Identified Mail (DKIM) allows senders to associate a domain name with an email message, thus vouching for its authenticity.

This is done by "signing" the email with a digital signature, a field that is added to the message's header. A "signature" is generated by the sending mail transfer agent (MTA) using an algorithm, applied to the content of the signed fields, which creates a unique string of characters, a "hash value." When the signature is generated, the public key used to generate it is stored at the listed domain. After recieving the email, the recipient MTA can verify the DKIM signature by recovering the signer's public key through DNS.

It then uses that key to decrypt the hash value in the email's header and simultaneously recalculate the hash value for the mail message it recieved. If these two match, then the email has not been altered. This gives users some security knowing that the email did actually originate from the listed domain, and that it has not been modified since it was sent.

Should you need more information please visit the website from DKIM by clicking here

How does it work?

For each domain that you want to send newsletters from, you can set up your own email authentication. To do this, you need access to edit the domain's DNS records through the domain registrar or DNS provider.

It can be tricky to set up your own records because every host handles DNS management differently. For this reason we can't provide step-by-step instructions, but our guide below will help.

The following guide will assist you with editing your DNS records. Before you start, check that the DNS provider supports TXT records.

Step 1 : Generate the DKIM keys for your sender domain

In order to generate the keys which are used for authentication please visit the following website.

This page you need to fill in your sender domain and the key-name ( this can be any name ).

MAKE SURE THE CHECK 2048 as key

Step 2 : Add the DKIM record to your DNS

The url provided above gives you the needed details what you should do with the generated keys. As stated on the page from PowerMTA you need to add the generated public key which looks like this :

-----EXAMPLE KEY NOT TO BE USED -----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHTzEwg5mOm48QvuXWyP
EG5bFqNr0w/xV4d3mAix2B/yQupq3iNvOem8kcUmPTjwEAGl53YnHZcDGxag/nD7
BorIVE1r8rGiiVOaJtEE4m8pMK5XeUq1d2ewGKX+eDUxvHxCfjQd4LM/pq6SNPi4
NWFbHDzRKG4AkVDOiuyLVLcyWIrhxBbpLKC69a2fB1hLpT3sYczJ6Q3VyzLz7zF2
aqhXTvlPZ8IkkM9oFRJivLn0ZJui82qTehDHzgH4VSU3SUTCfxy2qupibJgfZONQ
v4AXGTIeWixPj6AB6suJiomXZeOCIsWg8EPpzKpHnktFEd5zG00+yhknn07aCw4q
KwIDAQAB
-----EXAMPLE KEY NOT TO BE USED----

Step 3 : Start sending authenticated mails

Once this key is added to your DNS record, it can be used for email authentication. The last step is a action that needs to be done by us !

If the keys are added in our platform, you can check this the easiest in the gmail client. You 'll notice that the header from gmail will contain a mailed-by and signed-by message. Click the following link for more explanantion.

Contact your account manager if you would like to setup this up in our application !